zoho-recruit
Audited by Gen Agent Trust Hub on Feb 12, 2026
================================================================================
🟡 VERDICT: MEDIUM
This skill is rated MEDIUM primarily due to the use of an external, unverifiable dependency ('requests' library) in its code examples. While the skill's core functionality involves making network requests to its own backend services (maton.ai) using an API key, which is expected, the reliance on a non-standard library without explicit installation instructions or verification raises a concern. Additionally, as the skill interacts with external data sources (Zoho Recruit), there is an inherent risk of indirect prompt injection.
Total Findings: 3
🟡 MEDIUM Findings: • Unverifiable Dependency
- SKILL.md: The Python code examples demonstrate the use of the 'requests' library, which is an external dependency. Although 'requests' is widely used, it is not part of the standard library and would need to be installed, making it an unverifiable dependency at analysis time. This introduces a potential supply chain risk if the library were compromised.
🔵 LOW Findings: • Data Transfer to External Service (Intended)
- SKILL.md: The skill explicitly instructs the agent to send the MATON_API_KEY environment variable to https://gateway.maton.ai and https://ctrl.maton.ai for authentication. While this involves sending sensitive data to an external server, it is the intended and necessary functionality for the skill to operate with its backend services. This is not considered malicious data exfiltration but is noted for transparency regarding network activity.
ℹ️ INFO Findings: • Indirect Prompt Injection Risk
- SKILL.md: The skill interacts with Zoho Recruit, an external system that can contain user-generated or external data (e.g., candidate profiles, job descriptions). If the AI agent were to process this data, there is a theoretical risk of indirect prompt injection if the external data contains malicious instructions designed to manipulate the agent's behavior.
================================================================================